The HackerStorm Open Source Vulnerability Database (OSVDB) tool is a web-based utility (runs in a web browser) that enables you to research vulnerabilities associated with various software companies, such as Microsoft, Mozilla, Red Hat, etc. You simply download the tool and the associated vulnerability database and you use the Flash-based graphical user interface (GUI) to get the details on vulnerabilities based on software vendor.
Download and install the tool
To download our GUI, simply click the download button and save it to your PC. Using a zip utility of your choice, extract the files to your PC, there is no installtion required, a folder called 'Hackerstorm' will be copied with the file.
To start using the tool
To begin using the GUI, open 'Start.html' in the Hackerstorm folder with your browser. You will need flashplayer 7 and above. If you dont have flashplayer 7, please visit www.macromedia.com, it only takes a few moments to install.
Updating the XML database
With the GUI open in your browser, click 'Update' to download the latest xml files. The files are compressed and should be extracted to the Hackerstorm folder. Once extracted you will see a new file called vendorlist.xml and a directory called xmls.
If you have problems updating the xml database in the GUI, you can get it here.
Dont forget to overwrite all files when extracting the xml data!!
To install the HackerStorm OSVDB, first create a folder to hold all its files, such as C:\Users\username\HackerStorm.
Next, download the HackerStorm OSVDB GUI .zip file and extract its contents into the HackerStorm file you just created.
Then return to the OSVDB page and download the XML vulnerability which is in tar.bz2 format. Extract this file into the HackerStorm folder as well.
In the HackerStorm folder you will see a start.html file. Open it with your browser and you will be presented with the OSVDB main interface. Click the ‘OSVDB SEARCH’ button.
Scroll down through the vendor name and select Microsoft Corporation, then click View. To see all Microsoft vulnerabilities, click ‘View All’. Wait a few seconds as all the Microsoft database entries load and are displayed in the GUI.